Controller Area Network Network Research Articles

Advancing Vehicle Security: Deep Learning based Solution for Defending CAN Networks in the Internet of Vehicles

The Internet of Vehicle (IoV) is revolutionizing the automobile sector by allowing vehicles to interact with one another and with roadside infrastructure. The Controller Area Network (CAN) is a vital component of such smart vehicles, allowing communication between various Electronic Control Units (ECUs). However, the CAN protocol's intrinsic lack of security renders it open to a variety of cyber-attacks, posing substantial hazards to both safety and privacy.This research investigates the use of deep learning with multi-layer perceptron to improve the security of CAN networks inside the IoV framework. We discuss current threats to CAN networks, including spoofing, replay, and denial-of-service attacks, and how deep learning may be used to identify and mitigate these threats efficiently. We propose a unique deep learning-based defense mechanism for real-time threat detection. The suggested method is highly effective in identifying and mitigating potential risks, as evidenced by extensive testing on real-world CAN datasets. Based on our findings, the proposed solution has the potential to considerably enhance the security of CAN networks in the Internet of Vehicles, making car communication systems more secure and reliable.

Implications of architecture and implementation choices on timing analysis of automotive CAN networks

The Controller Area Network (CAN) protocol is widely adopted in industry such as automotive. It has been analyzed in a number of studies in the real-time systems community to compute the worst case response time of messages, based on an ideal model on the behavior of the message queuing and CAN controller. Recently, more results are being added to study systems that are not constructed according to the ideal model.In this paper, we further investigate the architecture choices that may affect the timing analysis. Specifically, we provide an assessment on the practical relevance of several analysis results. We also present theory and empirical studies on the relative importance of architecture implementation issues that are quite common in real systems but further deviate from the ideal behavior. We also experimentally evaluate the response time while using TxObjects without preemption. We propose a heuristic for the design of multiple software queues when TxObjects are not preemptable. Finally, we derive an upper bound on the worst case response time when message output at the CAN driver is polling based.

Enhancing ECU identification security in CAN networks using distortion modeling and neural networks

A novel technique for electronic control unit (ECU) identification is proposed in this study to address security vulnerabilities of the controller area network (CAN) protocol. The reliable ECU identification has the potential to prevent spoofing attacks launched over the CAN due to the lack of message authentication. In this regard, we model the ECU-specific random distortion caused by the imperfections in the digital-to-analog converter and semiconductor impurities in the transmitting ECU for fingerprinting. Afterward, a 4-layered artificial neural network (ANN) is trained on the feature set to identify the transmitting ECU and the corresponding ECU pin. The ECU-pin identification is also a novel contribution of this study and can be used to prevent voltage-based attacks. We have evaluated our method using ANNs over a dataset generated from 7 ECUs with 6 pins, each having 185 records, and 40 records for each pin. The performance evaluation against state-of-the-art methods revealed that the proposed method achieved 99.4% accuracy for ECU identification and 96.7% accuracy for pin identification, which signifies the reliability of the proposed approach.

A conflict-free CAN-to-TSN scheduler for CAN-TSN gateway

The automotive Electrical/Electronic (E/E) architecture with Time-Sensitive Networking (TSN) as the backbone network and Controller Area Network (CAN) as the intra-domain network has attracted extensive research attention. In this architecture, the CAN-TSN gateway serves as a vital hub for communication between the CAN and TSN networks. However, with frequent information exchange between domains, multiple real-time applications inevitably compete for the same network resources. The limited availability of schedule table entries and bandwidth allocation pose challenges in scheduling design. To mitigate the transmission conflicts at the CAN-TSN gateway, this paper proposes a CAN-to-TSN scheduler consisting of two primary stages. The first stage introduces the Message Aggregation Optimization (MAO) algorithm to aggregate multiple CAN messages into a single TSN message, ultimately decreasing the communication overhead and the schedule table entries number. The second stage proposes the Exploratory Message Scheduling Optimization (EMSO) algorithm based on MAO. EMSO disaggregates and reassembles the CAN messages with small deadlines within the currently un-scheduled TSN message to improve the acceptance ratio of CAN messages. Experimental results demonstrate that EMSO achieves an average acceptance ratio of CAN messages 4.3% higher in preemptive mode and 8.2% higher in non-preemptive mode in TSN than state-of-the-art algorithms.

Vulnerabilities and Attacks on CAN-Based 3D Printing/Additive Manufacturing

Recent advancements in 3D-printing/additive manufacturing has brought forth a new interest in the use of Controller Area Network (CAN) for multi-module, plug-and-play bus support for their embedded systems. CAN systems provide a variety of benefits that can outweigh typical conventional wire-loom protocols in many categories. However, implementation of CAN also brings forth vulnerabilities provided by its spoofable, destination-encoded shared communication bus. These vulnerabilities result in undetectable fault injection, packet manipulation, unauthorized packet logging/sniffing, and more. They also provide attackers the capability to manipulate all sensor information, commands, and create unsafe operating conditions using only a single compromised node on the CAN network (bypassing all root-of-trust in the modules). Thus, malicious hardware requires only a connection to the bus for access to all traffic. In this paper, we discuss the effects of repurposed CAN-based attacks capable of manipulating sensor data, overriding systems, and injecting dangerous commands on the Controller Area Network using various entry methods. As a case study, we also showed a spoofing attack on critical data modules within a commercial 3D printer.

Automotive Cybersecurity Application Based on CARDIAN

Nowadays, a vehicle can contain from 20 to 100 ECUs, which are responsible for ordering, controlling and monitoring all the components of the vehicle itself. Each of these units can also send and receive information to other units on the network or externally. For most vehicles, the controller area network (CAN) is the main communication protocol and system used to build their internal network. Technological development, the growing integration of devices and the numerous advances in the field of connectivity have allowed the vehicle to become connected, and the flow of information exchanged between the various ECUs (electronic control units) becomes increasingly important and varied. Furthermore, the vehicle itself is capable of exchanging information with other vehicles, with the surrounding environment and with the Internet. As shown by the CARDIAN project, this type of innovation allows the user an increasingly safe and varied driving experience, but at the same time, it introduces a series of vulnerabilities and dangers due to the connection itself. The job of making the vehicle safe therefore becomes critical. In recent years, it has been demonstrated in multiple ways how easy it is to compromise the safety of a vehicle and its passengers by injecting malicious messages into the CAN network present inside the vehicle itself. The purpose of this article is the construction of a system that, integrated within the vehicle network, is able to effectively recognize any type of intrusion and tampering.

An Active Front Steering System Design Considering the CAN Network Delay

The x-by-wire technology promotes the rapid development of intelligent vehicles, but it comes with the network delays, which would deteriorate the control performance. Therefore, this paper proposes an active front steering (AFS) design scheme considering the network delays to ensure the vehicle path-tracking accuracy and stability performance. First, the vehicle system with delays induced by the Controller Area Network (CAN) is analyzed, based on which an augmented model is built to describe the vehicle motion combined with the random network delays. Considering the uncertainty of the delay, the model is reconstructed by the polytope method. Then, a robust H∞ state feedback controller is developed to ensure the system performance when handling the parametric uncertainties. Furthermore, the robust invariant set is introduced to depict the system constraints, which can guarantee the vehicle stability. Through transforming into the linear matrix inequalities, a feasible solution is calculated. Finally, the rapid control prototype (RCP) based on the CarSim/Simulink test platform is used to validate the proposed controller. The results compared with the model predictive control show the effectiveness to ensure the prescribed performance.

OFIDS : Online Learning-Enabled and Fingerprint-Based Intrusion Detection System in Controller Area Networks

As a widely used industrial field bus, the controller area network (CAN) lacks security mechanisms (e.g., encryption and authentication). With the development of network connectivity and the increase in external communication, CAN networks are vulnerable to security attacks (e.g., masquerade). Attackers can intrude on CAN networks to control CAN devices, causing security threats. A fingerprint-based intrusion detection system (IDS) in CAN networks can detect masquerade attacks by scanning the unique clock signals of CAN devices. However, most state-of-the-art fingerprint-based IDSs commonly use an analog-to-digital converter module with a low frequency of 60 MHz to sample CAN signals, lowering the accuracy of the trained fingerprint-based IDS model. In addition, almost all fingerprint-based IDSs are trained offline and then detected online in CAN networks, ignoring that system clock signals of hardware change over time, resulting in degraded detection performance. An intrusion detection system based on physical fingerprints can achieve effective identification of masquerade attacks. This paper proposes an online learning-enabled and fingerprint-based IDS (OFIDS) in CAN networks to increase the sampling frequency, simplify the sampling circuit, shorten the delay time, improve the detection response time, and increase the detection accuracy. OFIDS uses a high-speed comparator (i.e., TLV3501) and field-programmable gate arrays (FPGA; i.e., Xilinx ZYNQ-7010) to sample the CAN_High signal, achieving a low sampling delay time of 4.5 ns and a high sampling frequency of 1 GHz. The self-adaptability of the backpropagation neural network is taken advantage of and used to train the OFIDS model with a detection accuracy of 99.9992%. The OFIDS model is deployed to a CAN network prototype with five CAN devices (i.e., two Arduino UNO boards and three STM32 microcontrollers), where online learning is conducted with a low training time of less than 2 min to update the OFIDS model. Experimental results show that OFIDS can achieve at least 99.99% detection accuracy within 0.18 <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$\mu$</tex-math></inline-formula> s in a CAN network prototype and can achieve 98% detection accuracy in a real vehicle.

Automotive Electronic Control Unit Ground Line Health Monitoring Method

Electronic Control Units (ECUs) have been used in the automotive industry for decades to control one or more of the vehicle subsystems. The ECUs communicate primarily using the in-vehicle Controller Area Network (CAN) communication protocol. The recent rapid development of connected, electric, and autonomous vehicles expands the number of ECUs and complexity of the CAN network required to integrate vehicle systems and deliver the desired functionalities. This demands increased reliability of the ECUs to ensure for robust vehicle performance. One of the most common ECU failure modes is the ECU ground fault. A ground fault occurs when the ground path in the ECU circuit is corroded, which is usually developed slowly over time. Such failure usually results in various symptoms including ECU incapable of functioning and further impacts the vehicle functionalities negatively. This type of fault can be difficult to detect prior to vehicle functionality loss. It usually involves routinely testing the resistance of the ground circuit, visually inspecting the connectors and wirings, and checking the voltage drop across the ground circuit. Therefore, it is highly desirable to continuously monitor the ECU ground line health status to predict any degradation and thus prevent vehicle functionality losses.&#x0D; This paper presents a novel method to monitor the health status of ECU ground line. The method leverages measured CAN voltage data to estimate the ECU ground state of health. The CAN voltage measurements are preprocessed and fed into a real-time data buffer of predefined size. Statistical moments are calculated from the buffered data to generate health indicators, which are then combined to form a fused health indicator. The fused health indicator is used to determine the health stage of ECU ground line. The health stage is classified based on the relationship between ground line degradation level and the ECU communication loss status. The method was developed and validated using actual vehicle data.

Virtual instrumentation on CAN network for process monitoring Red CAN de instrumentación virtual para monitoreo de procesos

Virtual instrumentation has experienced significant advancements in recent decades, providing efficient and reliable solutions for the connection and communication of electronic devices in various applications. This article explores the most relevant developments in the field, focusing on the integration of Controller Area Network (CAN) networks and microcontrollers in distributed sensor projects. The article also presents a case study in which a CAN network is implemented along with the ESPWroom32 microcontroller in a distributed sensor project for alcoholic beverage production. The sensors used in each stage of the process, such as ultrasonic, load, water level, and motion sensors, are described, highlighting the importance of redundancy in monitoring critical parameters to ensure safety and proper process operation.

Smart Intrusion Detection System for CAN Network Implemented using LSTM Strategy

In today's cars, communication between electronic control units is managed via the Controller Area Network (CAN) bus system. Nevertheless, the CAN bus system lacks means for authentication and authorisation, making it susceptible to attacks like denial-of-service, fuzzing, and spoofing. To identify and counteract CAN bus network intrusions, this study suggests an intrusion detection system based on a Long Short-Term Memory (LSTM) model. Extraction of attack-free data and attack injection produced the dataset used for testing and training. Findings show that the suggested LSTM model has a greater detection rate than the Survival Analysis approach and is efficient in defending current automobiles from assaults on the CAN bus network. The ability to identify these sorts of assaults is limited by the constraints of conventional intrusion detection systems (IDS) for CAN bus networks, such as statistical analysis, frequency-based analysis, and Hidden Markov Model (HMM). Using a Long Short-Term Memory (LSTM) based strategy, the objective of this article is to build a reliable IDS that can efficiently identify and counteract these assaults on the CAN bus network.

TCE-IDS: Time Interval Conditional Entropy- Based Intrusion Detection System for Automotive Controller Area Networks

Intelligent connected vehicle is rapidly growing with the 5-G technology; the diversity of functional interfaces has significantly expanded the avenues of attack, making automotive controller area network (CAN) more vulnerable to cyberthreats. Automotive CAN network attacks are a direct threat to traffic safety, and in this study, we explore the use of intrusion detection techniques for mitigating cyberattacks. However, most automotive CAN network intrusion detection technologies are not capable of defending against sophisticated attacks, making it extremely challenging for detecting intrusions in practice. In this article, we propose a novel time interval conditional entropy method for detecting intrusions in automotive CAN networks. The time interval conditional entropy intrusion detection method is not susceptible to interference and is capable of detecting a variety of attacks. In our experiments, the conditional entropy values of regular communication messages are collected and utilized to distinguish and detect the attacks. The time interval conditional entropy detection method is implemented and evaluated in our controller area net-work bus (CAN-BUS) network platform. The experiments show that our method has higher detection accuracy and is easier to deploy compared to existing automotive CAN network intrusion detection methods.

Unsupervised Deep Learning Approach for In-Vehicle Intrusion Detection System

The controller area network (CAN) is a standard communication protocol used for sending messages between electronic control unit of a modern automotive system. CAN protocol does not have any in-built security mechanisms and, hence, various attacks can affect the vehicle and cause life threats to the passengers. This article presents an unsupervised deep learning architecture for detecting intrusions on a CAN bus. The CAN intrusion detection system (IDS) architecture has an autoencoder that helps to learn the optimal features from CAN packets to differentiate between the normal and attacks. The optimal features are passed as input to the Gaussian mixture model, which helps us to cluster the CAN network packet data samples into normal and attacks. A detailed analysis of the proposed architecture is done on the CAN IDS dataset. To develop a robust CAN IDS system and achieve generalization, the proposed method is evaluated on the other two computer network intrusion datasets and a wireless sensor network dataset. In all the experiments, the proposed method has performed better than the existing unsupervised method and mainly showed a performance gain of 6.4% on the CAN IDS dataset. This indicates that the proposed method is robust and generalizable across detecting various attacks in a CAN bus and most importantly, the method can be used in real time to effectively monitor the CAN network traffic to proactively alert possible attacks.

Nash Equilibrium Control Policy Against Bus-off Attacks in CAN Networks

A bus-off attack is a denial-of-service (DoS) attack which exploits error handling in the controller area network (CAN) to induce an honest node to disconnect itself from the CAN bus. This paper develops a stochastic transmission policy as a countermeasure for the controller-transmitter pair against the bus-off attack. We model this as a non-zero-sum linear-quadratic-Gaussian game between the controller-transmitter pair and the attacker. We derive Nash equilibria of the game for two different information structures of the attacker. We show that the attacker has a dominant attack strategy under both information structures. Under the dominant attack strategy, we show that the optimal control policy is linear in the system state. We further identify a necessary and a sufficient conditions on the transmission policy to have bounded average cost. The theoretical results are complemented by a detailed case study of a bus-off attack on a vehicular adaptive cruise control model.

CarTwin—Development of a Digital Twin for a Real-World In-Vehicle CAN Network

Digital twins are used to replicate the behavior of physical systems, and in-vehicle networks can greatly benefit from this technology. This is mainly because in-vehicle networks circulate large amounts of data coming from various sources such as wired, or in some cases even wireless, sensors that are fused by actuators responsible for safety-critical tasks that require careful testing. In this work, we build a laboratory in-vehicle network that mimics a real vehicle network in regards to wire length, number of stubs and devices that are connected to it. The Controller Area Network (CAN), which is still the most popular communication bus inside cars, is used as a network layer. Using models defined in MATLAB for various subsystems, e.g., Anti-lock Braking System (ABS), Powertrain and Electric Power-Steering, deployed on automotive-grade microcontrollers, we evaluate the in-vehicle bus digital twin by providing realistic inputs and recording and reproducing in-vehicle network traffic. The experimental results showed good correlation between the output of the implemented digital twin and the data collected from an actual car.

PUF-Based Post-Quantum CAN-FD Framework for Vehicular Security

The Controller Area Network (CAN) is a bus protocol widely used in Electronic control Units (ECUs) to communicate between various subsystems in vehicles. Insecure CAN networks can allow attackers to control information between vital vehicular subsystems. As vehicles can have lifespans of multiple decades, post-quantum cryptosystems are essential for protecting the vehicle communication systems from quantum attacks. However, standard CAN’s efficiency and payload sizes are too small for post-quantum cryptography. The Controller Area Network Flexible Data-Rate (CAN-FD) is an updated protocol for CAN that increases transmission speeds and maximum payload size. With CAN-FD, higher security standards, such as post-quantum, can be utilized without severely impacting performance. In this paper, we propose PUF-Based Post-Quantum Cryptographic CAN-FD Framework, or PUF-PQC-CANFD. Our framework provides post-quantum security to the CAN network while transmitting and storing less information than other existing pre-quantum and post-quantum CAN frameworks. Our proposal protects against most cryptographic-based attacks while transmitting (at up to 100 ECUs) 25–94% less messages than existing pre-quantum frameworks and 99% less messages than existing post-quantum frameworks. PUF-PQC-CANFD is optimized for smaller post-quantum key sizes, storage requirements, and transmitted information to minimize the impact on resource-restricted ECUs.

Bit-Level Automotive Controller Area Network Message Reverse Framework Based on Linear Regression.

Modern intelligent and networked vehicles are increasingly equipped with electronic control units (ECUs) with increased computing power. These electronic devices form an in-vehicle network via the Controller Area Network (CAN) bus, the de facto standard for modern vehicles. Although many ECUs provide convenience to drivers and passengers, they also increase the potential for cyber security threats in motor vehicles. Numerous attacks on vehicles have been reported, and the commonality among these attacks is that they inject malicious messages into the CAN network. To close the security holes of CAN, original equipment manufacturers (OEMs) keep the Database CAN (DBC) file describing the content of CAN messages, confidential. This policy is ineffective against cyberattacks but limits in-depth investigation of CAN messages and hinders the development of in-vehicle intrusion detection systems (IDS) and CAN fuzz testing. Current research reverses CAN messages through tokenization, machine learning, and diagnostic information matching to obtain details of CAN messages. However, the results of these algorithms yield only a fraction of the information specified in the DBC file regarding CAN messages, such as field boundaries and message IDs associated with specific functions. In this study, we propose multiple linear regression-based frameworks for bit-level inversion of CAN messages that can approximate the inversion of DBC files. The framework builds a multiple linear regression model for vehicle behavior and CAN traffic, filters the candidate messages based on the decision coefficients, and finally locates the bits describing the vehicle behavior to obtain the data length and alignment based on the model parameters. Moreover, this work shows that the system has high reversion accuracy and outperforms existing systems in boundary delineation and filtering relevant messages in actual vehicles.

Electric Vehicle Control System by using Controller Area Network Communication

The Controller Area Network (CAN) communication protocol is designed by Bosch in the 1980s as a doubled wired, differential voltage-based serial communication system for control systems. Electric vehicles, like Gasoline vehicles, require controllers to regulate load operation, where conventional point-to-point communication system gets outcome of huge number of cables in the harness. CAN is used to minimize the amount of cables and enable various controllers to transfer data and accomplish complicated jobs simultaneously. This paper presents the design of a CAN-based control system to be used as a replacement for the existing system and shows the development of four modules as well as a proposed implementation for the complete system. Individual modules will be developed initially and later interfaced to the CAN network with CAN controller modules. All modules are connected with a twisted pair of cables for data transmission with CAN.

BusCount: A Provable Replay Protection Solution for Automotive CAN Networks

Information technology has become eminent in the development of modern cars. More than 50 Electronic Control Units (ECUs) realize vehicular functions in hardware and software, ranging from engine control and infotainment to future autonomous driving systems. Not only do the connections to the outside world pose new threats, but also the in-vehicle communication between ECUs, realized by bus systems such as Controller Area Network (CAN), needs to be protected against manipulation and replay of messages. Multiple countermeasures were presented in the past making use of Message Authentication Codes and time stamps and message counters, respectively, to provide message freshness, most prominently AUTOSAR’s Secure Onboard Communication (SecOC). In this paper, we focus on the latter ones. As one aspect of this paper, using an adequate formal model and proof, we will show that the currently considered solutions exhibit deficiencies that are hard if not impossible to overcome within the scope of the respective approaches. We further present a hardware-based approach that avoids these deficiencies and formally prove its freshness properties. In addition, we show its practicability by a hardware implementation. Finally, we evaluate our approach in comparison to counter-based solutions currently being used.

(Semi-)Automatically Parsing Private Protocols for In-Vehicle ECU Communications

In-vehicle electronic control unit (ECU) communications generally count on private protocols (defined by the manufacturers) under controller area network (CAN) specifications. Parsing the private protocols for a particular vehicle model would be of great significance in testing the vehicle’s resistance to various attacks, as well as in designing efficient intrusion detection and prevention systems (IDPS) for the vehicle. This paper proposes a suite of methods for parsing ECU private protocols on in-vehicle CAN network. These methods include an algorithm for parsing discrete variables (encoded in a discrete manner, e.g., gear state), an algorithm for parsing continuous variables (encoded in a continuous manner, e.g., vehicle speed), and a parsing method based on upper-layer protocols (e.g., OBD and UDS). Extensive verifications have been performed on five different brands of automobiles (including an electric vehicle) to demonstrate the universality and the correctness of these parsing algorithms. Some parsing tips and experiences are also presented. Our continuous-variables parsing algorithm could run in a semi-automatic manner and the parsing algorithm from upper-layer protocols could execute in a completely automatic manner. One might view the results obtained by our parsing algorithms as an important indicator of penetration testing on in-vehicle CAN network.